virtual database RRS feed

  • Question

  • Hi,

    I am evaluating database that I can use on my next project. at the moment I am looking at Oracle and SQL Server to work out which database has suitable feature for my project.

    I am planing to build multi tenant application and I would like to be able to do this.

    for example, I would like to have global catalog table for all tenant to store the information on, this can be done easily by creating one table and all the tenant will store the information into this one table. so I would like say user abc to have access to all data in the catalog table which is not a problem, and other user say tenant 1 only have access to data identifiy by tenant id = 1, and tenant 2 only have access to data identify by tenant id = 2.

    the reason being is catalog information is not data sensitive but when they enter like their accounting detail I would like to be able to partition each tenant so it confine to their data space only.

    I believe in oracle I can do this by using oracle virtual database, so I still can create global schema and also assign specific schema attach to the virtual database user so user abc can access to all catalog table from all tenant, and tenant 1 when they login they use virtual database permission assign to them and can only see the info belong to tenant 1, so even they type in select * from catalog they only see entry belong to tenant 1 only unline user abc they can view all.

    also for security feature, is it possible to encrypt the field data using sql server build in encrypt since most of the encryption function required some sort of key, and if the key is store in database or some config file then it could be prone to people hacking to get the key once they get the key then the info can be decrypt easily. I think oracle has module for transparent encryption module of something need to investigate further but from my initial understanding is oracle will manage the key so i just specify encrypt field 1, 2 and 5 and the info is encrypted (reducing point of attack) on the apps. I would like to be able to secure info like credit card information, banking infomation etc...

    can I do this in SQL Server?

    Thank you.


    - Haris -

    Tuesday, October 19, 2010 1:03 AM